A proposal was made to raise the confidence level by fusing the security of lidar sensors, cameras, wireless and radar.

Automotive cyber security is moving to the front of the line of industry concerns, and panelists at the recent 2015 Los Angeles Auto Show's Connected Car Expo outlined approaches that the industry should take. A pair of loud wake-up calls were cited by Andre Weimerskirch, a research scientist at the University of Michigan's Transportation Research Institute.

The most noteworthy auto cyber hack was a project by Chris Valasek and Charlie Miller, now researchers at Uber Advanced Technology Center, in which they could remotely apply or disable the brakes, even kill the engine and affect steering. Their work, applied to a 2014 Jeep Cherokee through the UConnect infotainment system with Sprint cellular, led to a Fiat Chrysler Automobiles safety recall on a wide range of models. The control was exercised without physical access to the vehicle itself.

Still another security researcher, Corey Thuen of Digital Bond Labs, claimed he had reverse-engineered the Progressive Insurance dongle and performed limited functions that indicated it was vulnerable. The dongle, supplied by Xirgo Technologies, monitors driving patterns and reports via cellular; the information is used to adjust policy rates.

"Hack into everything"

Those were just examples, Weimerskirch said, adding, "we can hack into pretty much everything that's out there." A fearsome issue he cited: an attacker just needs a tiny bit of automotive background because, assuming familiarity with enterprise IT, he/she can hit the car.

Cadillac's announcement that it will introduce V2V (vehicle-to-vehicle) communication on the 2017 CTS gives a sense of urgency within the industry, as the rest of the industry is preparing to do the same. But, he pointed out, the car raises concerns beyond electronic communication via smartphones and computers. Weimerskirch noted three primary issues: "safety, a super complex supply chain with hundreds of suppliers, and a complex product—the car with thousands of components."

The auto industry, of course, is looking at what other industries are doing, Weimerskirch said, but there is no other application whose cyber security solutions the auto industry could just adapt. Enterprise IT, which deals with the hardware and control software systems used by large operations, must be cyber-secure, but it doesn't involve the same level of safety or mobile use. SCADA (Supervisory Control and Data Acquisition) deals with industrial controls, so safety is involved, but not mobile use. Smartphones, he said, particularly the iPhone, have developed relevant solutions, but not in the area of safety. "However, [the] iPhone does a lot of stuff right," he added.

Some 15 years ago, Weimerskirch continued, researchers saw the value of more resilient electronic architectures with formally verified source code and interfaces, and today we're still not using them. "So let's start," he urged.

Fusing to raise confidence level

The move to autonomous driving, he said, will bring into use various types of radar sensors, cameras, and wireless. Each can be hacked, with wireless the easiest and cameras the hardest. Although cameras can be blinded, their images can't be forged. Lidar and radar sensors are somewhere in between, he told the forum.

So the approach, Weimerskirch continued, must be to take the security levels of wireless, sensors, and cameras, and fuse them into a system that raises the total confidence level to an acceptable perch. That is likely to mean that some features will have to be limited until the security level can be made high enough.

Cybersecurity curriculum

This work will require trained talent, observed Karl Heimer of AutoImmune, a cyber security consultant to the State of Michigan. There are no cybersecurity engineering degree graduates, because there is no degree program in the subject. A curriculum is needed, he said, including a good background in hardware/electrical engineering, education in computer science, and how automobiles work.

The degree program, he added, also should include internships at either an OE manufacturer or supplier and a hacking company. "You don't get to understand how break-ins occur by being with a maker or developer," he said. So the interns have to live with the people who actually do the hacking. The objective is for the OE to end up with cyber security people who can work in development or assessment/quality assurance.

He noted that each OE maker and supplier has different needs and therefore likely different approaches, but the Michigan Economic Development Corp., working in curriculum development, is trying to establish a common base that colleges can adopt.

New initiatives, legislation

Cyber security education opportunities are proliferating, the panelists agreed, pointing to the annual SAE Battelle Cyberauto Challenge, a five-day workshop to identify trends in the field (the next is July 25-29, 2016).

David Strickland, an attorney who once headed NHTSA, noted that legislators already are in the fray, with the SPY Car Act of 2015 requiring vehicles to be "reasonably" equipped to protect against hacking, including intrusion detection systems. Naturally, Congress doesn't know how to do this, so it assigns the job to NHTSA and the Federal Trade Commission.

He also pointed to Auto ISAC (Auto Information Sharing and Analysis Center), a consortium which has just gone live. Strickland described it as a foundational step to share information about cyber threats among industry members, who include carmakers and suppliers.

Forum attendees expressed concern about the possible effect of OE cyber security measures on the access of independent mechanics and their test equipment to the vehicle's CAN (Controller Area Network) buses, which also are entry points, via infotainment systems' wireless, for hackers.

Security effect on features

Weimerskirch said security, therefore, must be by design, not by obscurity (denying access to the information); "we know how to do that." The other panelists agreed. Heimer added that it should not be necessary to hide the contents of a packet needed for diagnosis, and secure design would prevent it from being changed or the command it contains from failing to go through.
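Heimer's point that a diagnostic packet can stay readable while still being protected against modification, as an added example that is not from the article or any panelist: the payload travels in cleartext and a truncated HMAC covers it. The key, frame layout, sample bytes and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # assumption: key shared by ECU and gateway
HDR = struct.Struct(">IIB")     # assumed layout: frame ID, counter, payload length
TAG_LEN = 8                     # truncated HMAC-SHA256 tag

def protect(frame_id, counter, payload, key=KEY):
    """Header and payload stay in cleartext; only a tag is appended."""
    body = HDR.pack(frame_id, counter, len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def read_payload(frame):
    """What a keyless diagnostic tool sees: the payload is not hidden."""
    _, _, n = HDR.unpack_from(frame)
    return frame[HDR.size:HDR.size + n]

class Receiver:
    """Accepts a frame only if its tag verifies and its counter is fresh."""
    def __init__(self, key=KEY):
        self.key = key
        self.last = {}          # highest counter accepted per frame ID

    def accept(self, frame):
        if len(frame) < HDR.size + TAG_LEN:
            return None
        frame_id, counter, n = HDR.unpack_from(frame)
        if len(frame) != HDR.size + n + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, good):
            return None         # modified in transit, or wrong key
        if counter <= self.last.get(frame_id, -1):
            return None         # replay of an earlier valid frame
        self.last[frame_id] = counter
        return body[HDR.size:]

def demo():
    rx = Receiver()
    frame = protect(0x123, 1, b"READ-DTC")      # constructed sample frame
    tampered = bytearray(frame)
    tampered[HDR.size] ^= 0x01                  # flip one payload bit
    return (read_payload(frame), rx.accept(bytes(tampered)),
            rx.accept(frame), rx.accept(frame))

if __name__ == "__main__":
    print(demo())
```

The tag gives integrity and replay protection only; it does nothing to guarantee that a command is delivered.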

Cyber security is likely to affect the maximum performance of some features, the panelists agreed. Weimerskirch said, for example, that the distance maintained between a roadway line of cars might have to be increased because if the wireless were hacked, the system would have to fall back on readings from radar and camera with on-board adjustments. Heimer added that car owners might have to be limited in what they can download; "you can't burden an OE" with the threats of any download choice the driver makes.

To improve vehicle protection against cyber threats, "over-the-air" software updates are essential, the speakers conceded, pointing to Tesla's success in that area as a superior approach to sending out flash drives for owners to use. Other makes have indicated their future intentions to do the same.
